pages.qwilr.com Open in urlscan Pro
2600:9000:2156:8000:6:a3a2:8fc0:93a1  Public Scan

URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Submission: On February 17 via manual from IN — Scanned from DE

Summary

This website contacted 29 IPs in 4 countries across 22 domains to perform 60 HTTP transactions. The main IP is 2600:9000:2156:8000:6:a3a2:8fc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is pages.qwilr.com. The Cisco Umbrella rank of the primary domain is 884011.
TLS certificate: Issued by GeoTrust RSA CA 2018 on June 2nd 2020. Valid for: 2 years.
This is the only time pages.qwilr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
11 2600:9000:215... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 151.101.0.176 54113 (FASTLY)
2 142.250.184.194 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 143.204.103.41 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.187.119.242 16509 (AMAZON-02)
2 143.204.98.5 16509 (AMAZON-02)
7 13.239.171.246 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 143.204.98.36 16509 (AMAZON-02)
1 143.204.98.76 16509 (AMAZON-02)
1 143.204.101.3 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 143.204.94.67 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.24 14413 (LINKEDIN)
1 34.211.243.235 16509 (AMAZON-02)
1 143.204.98.39 16509 (AMAZON-02)
1 34.238.181.251 14618 (AMAZON-AES)
1 143.204.98.102 16509 (AMAZON-02)
1 34.240.93.148 16509 (AMAZON-02)
1 34.120.195.249 15169 (GOOGLE)
60 29
Apex Domain
Subdomains
Transfer
18 qwilr.com
pages.qwilr.com — Cisco Umbrella Rank: 884011
api.qwilr.com — Cisco Umbrella Rank: 612975
816 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 854
q.stripe.com — Cisco Umbrella Rank: 5951
m.stripe.com — Cisco Umbrella Rank: 828
69 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
www.linkedin.com — Cisco Umbrella Rank: 602
px4.ads.linkedin.com — Cisco Umbrella Rank: 5087
3 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 574
script.hotjar.com — Cisco Umbrella Rank: 726
vars.hotjar.com — Cisco Umbrella Rank: 809
in.hotjar.com — Cisco Umbrella Rank: 1615
66 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 830
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 913
18 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6342
612 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
612 B
2 hx-qwilr.com
analytics.hx-qwilr.com — Cisco Umbrella Rank: 466072
608 B
2 gstatic.com
fonts.gstatic.com
70 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
3 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
32 KB
1 sentry.io
o11981.ingest.sentry.io — Cisco Umbrella Rank: 909522
285 B
1 kissmetrics.io
trk.kissmetrics.io — Cisco Umbrella Rank: 22781
376 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
65 KB
1 kissmetrics.com
scripts.kissmetrics.com — Cisco Umbrella Rank: 22767
12 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2420
18 KB
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1481
71 KB
1 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 6469
112 KB
60 22
Domain Requested by
11 pages.qwilr.com pages.qwilr.com
7 api.qwilr.com pages.qwilr.com
3 js.stripe.com pages.qwilr.com
js.stripe.com
3 fonts.googleapis.com pages.qwilr.com
2 px.ads.linkedin.com 2 redirects
2 snap.licdn.com cdn.segment.com
snap.licdn.com
2 connect.facebook.net cdn.segment.com
connect.facebook.net
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google.de pages.qwilr.com
2 www.google.com pages.qwilr.com
2 analytics.hx-qwilr.com pages.qwilr.com
2 q.stripe.com pages.qwilr.com
2 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.googleadservices.com pages.qwilr.com
cdn.segment.com
1 o11981.ingest.sentry.io pages.qwilr.com
1 in.hotjar.com pages.qwilr.com
1 vars.hotjar.com static.hotjar.com
1 trk.kissmetrics.io scripts.kissmetrics.com
1 script.hotjar.com static.hotjar.com
1 m.stripe.com m.stripe.network
1 px4.ads.linkedin.com pages.qwilr.com
1 www.linkedin.com 1 redirects
1 www.googletagmanager.com cdn.segment.com
1 scripts.kissmetrics.com cdn.segment.com
1 www.google-analytics.com cdn.segment.com
1 cdn.amplitude.com cdn.segment.com
1 static.hotjar.com cdn.segment.com
1 cdn.segment.com pages.qwilr.com
1 fast.wistia.net pages.qwilr.com
60 30

This site contains links to these domains. Also see Links.

Domain
storage.googleapis.com
Subject Issuer Validity Valid
*.qwilr.com
GeoTrust RSA CA 2018
2020-06-02 -
2022-06-02
2 years crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-01-26 -
2022-05-04
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-12-24 -
2023-01-25
a year crt.sh
*.segment.com
Amazon
2022-01-12 -
2023-02-10
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA
2021-09-08 -
2022-09-07
a year crt.sh
analytics.hx-qwilr.com
Amazon
2021-12-21 -
2023-01-17
a year crt.sh
www.google.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
www.google.de
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
cdn.amplitude.com
Amazon
2021-12-17 -
2023-01-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-11-27 -
2022-02-25
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-07-15 -
2022-07-20
a year crt.sh
www.kissmetrics.io
Sectigo RSA Domain Validation Secure Server CA
2021-06-15 -
2022-07-15
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-11 -
2022-05-04
4 months crt.sh
*.google.com
GTS CA 1C3
2022-02-07 -
2022-05-02
3 months crt.sh
*.google.de
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh
*.ingest.sentry.io
R3
2021-12-23 -
2022-03-23
3 months crt.sh

This page contains 4 frames:

Primary Page: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Frame ID: 3EDD7CBF897E35B7BBBED309B58D5E03
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Frame ID: BB892B6248499FCB6D7B79E6B16E4128
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3942938842D78EA5BE591556BE88D016
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 4C458673B661B78441FA6CC638E5ED5E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Microsoft Office365

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

60
Requests

95 %
HTTPS

41 %
IPv6

22
Domains

30
Subdomains

29
IPs

4
Countries

1494 kB
Transfer

7514 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76193%26time%3D1645140400999%26url%3Dhttps%253A%252F%252Fpages.qwilr.com%252FMicrosoft-Office365-AomO0SeORUCb%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&liSync=true&e_ipv6=AQKsNfeXjdNU7QAAAX8KAl0JNskH-ApGF2fzlEblKbalMPirlROgWH8pTsLaONfNxGa_xZ5Q

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Microsoft-Office365-AomO0SeORUCb
pages.qwilr.com/
147 KB
20 KB
Document
General
Full URL
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / cloud66
Resource Hash
d2fcf40d25aac39f5bd162801aae17a10a37d8bd93fc9b27a8a2d513259c135f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Thu, 17 Feb 2022 23:26:39 GMT
server
nginx
x-dns-prefetch-control
off
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
access-control-allow-credentials
true
x-powered-by
cloud66
content-encoding
gzip
vary
Origin
x-cache
Miss from cloudfront
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4BdGn7GGUZRv0IJMtmA2uQeuA0W87Zi7TJ2K_acyVR9_8vgaoVG_PA==
styles-PublicLoader-c2cb926300692fa124ad.css
pages.qwilr.com/Public/Assets/
75 KB
5 KB
Stylesheet
General
Full URL
https://pages.qwilr.com/Public/Assets/styles-PublicLoader-c2cb926300692fa124ad.css
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd8c7e0c683adc1426ae0a095ed20a68064d8c7028d6997ec95460165a403419

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 18:53:44 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 04:35:47 GMT
server
AmazonS3
age
11075576
etag
"96e4d2e8517229a237cf6a0a62740f5b"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4963
x-amz-cf-id
h9o598354sl_BDxsvf3Erv4AdOtVv-sanFjxyhfEkbrNSvkQe0Xhlw==
css
fonts.googleapis.com/
362 B
794 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Damion
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 22:07:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Feb 2022 23:26:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Feb 2022 23:26:39 GMT
css
fonts.googleapis.com/
6 KB
694 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,400,700,400italic&subset=latin,latin-ext
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2bd1fc8a1a311ce7464d14ca090d628ef3f42d5f9ae55cc96cfc27d1bb73401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 23:26:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Feb 2022 23:26:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Feb 2022 23:26:39 GMT
css
fonts.googleapis.com/
6 KB
692 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter:300,400,700,400italic&subset=latin,latin-ext
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cb394ca6b49ccbaa37ee9a3dad5e762576f545e92eb84a79a5e9ec790019cfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 23:26:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Feb 2022 23:26:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Feb 2022 23:26:39 GMT
vendors-IdentityProtected-PDFLoader-Public-4405295c11a4bb1c0ac1.js
pages.qwilr.com/Public/Assets/
508 KB
134 KB
Script
General
Full URL
https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-PDFLoader-Public-4405295c11a4bb1c0ac1.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfb90333683887dad5c0b4587b512c895bd6a69ba11636449f03ec24664ef0f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 01:08:10 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 00:59:17 GMT
server
AmazonS3
age
253110
etag
"d92dd95e9ea32f11c8abe5cc2f003d5a"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
136546
x-amz-cf-id
PMzIEyfy3cuxdPdIciS5k3zCIQM7_l54DzVt5j4CEd5y0vPYABpBNg==
vendors-IdentityProtected-Public-76a4c46d896025d18071.js
pages.qwilr.com/Public/Assets/
710 KB
119 KB
Script
General
Full URL
https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e86d58a15353282021d1c2dc49e80877d8d42ecc4edb7577e660b8ba69165b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:39:13 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 00:35:04 GMT
server
AmazonS3
age
82047
etag
"aa740c0be27e56c5cf0ec01979c65745"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
121834
x-amz-cf-id
qTO4ZSg9TSSm0S8qvCwQa6HiigeFOG1PUBu1c4tQtqvyYGP910Zxsw==
vendors-Public-4fb7e5c4db7828c0ce2c.js
pages.qwilr.com/Public/Assets/
1 MB
258 KB
Script
General
Full URL
https://pages.qwilr.com/Public/Assets/vendors-Public-4fb7e5c4db7828c0ce2c.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad53a85581a58bae0ff940c128fc48efbf5ee755a943f269ae6c346b7d24c0ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:39:13 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 00:35:10 GMT
server
AmazonS3
age
82047
etag
"634ee82b4d88bc5b6696a2aef3b2fdee"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
263938
x-amz-cf-id
Smsk7gvULDpoP3NZH7zBECOH-LUMIeBB76R1-_7da2LpM5mWGiqaUQ==
default-IdentityProtected-PDFLoader-Public-e346d923201d13a5de66.js
pages.qwilr.com/Public/Assets/
22 KB
4 KB
Script
General
Full URL
https://pages.qwilr.com/Public/Assets/default-IdentityProtected-PDFLoader-Public-e346d923201d13a5de66.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3224f938e00f275d23791c6e04ef10f5bbe191e056a228f9dffa63b929474484

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 01:48:00 GMT
content-encoding
br
last-modified
Mon, 07 Feb 2022 01:37:58 GMT
server
AmazonS3
age
941920
etag
"b813b8fb51ef6695f7a97d454b799043"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3981
x-amz-cf-id
Z9ILhWFnAsTkd4hHhr4IAoe8aK6rHlwMdjUIsxiuSRSr5bWF_UMNQg==
default-IdentityProtected-Public-85c94a7e5c119b38b634.js
pages.qwilr.com/Public/Assets/
20 KB
5 KB
Script
General
Full URL
https://pages.qwilr.com/Public/Assets/default-IdentityProtected-Public-85c94a7e5c119b38b634.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e0bb78b11bc46b8c1d2c99408a7af7b14f98bf9da8049f2e35284711c05f104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:39:13 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 00:34:55 GMT
server
AmazonS3
age
82046
etag
"1e6a2f1213aeef40ee384d77c6121f8b"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4644
x-amz-cf-id
kdG2PybC-OtipPsCP5bHZogbd2kDJZfeqC_eazP-re7CkPhW0ObNWw==
app-Public-29a9d6c0be28351f95a8.js
pages.qwilr.com/Public/Assets/
1 MB
174 KB
Script
General
Full URL
https://pages.qwilr.com/Public/Assets/app-Public-29a9d6c0be28351f95a8.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b38ba1cf45fb7bf23e756d7348fd77cb78679971551fa45a28382fee301cefb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:16:25 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 23:07:22 GMT
server
AmazonS3
age
615
etag
"130f8ef8d993c2adbccfb5c627127344"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
177773
x-amz-cf-id
lczID3ibjEDtBplovODb3x6bvrFMtKtOeSPS81YzOqg9ZxQP15Jh3A==
app-PublicLoader-edb94f083714999cb519.js
pages.qwilr.com/Public/Assets/
2 KB
921 B
Script
General
Full URL
https://pages.qwilr.com/Public/Assets/app-PublicLoader-edb94f083714999cb519.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aedf0f43a20ad8b31a3a6af1a550930e87f77ba698970ec4efb664d320324a52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 00:39:14 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 00:35:08 GMT
server
AmazonS3
age
82046
etag
"7dbe39ce5682b7df499c11eda174f445"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
541
x-amz-cf-id
Hh5VaQbaPI79aVl_0Hs4VVquxQ_N4DYpVEzhE3fot4ICOomoe5z3_g==
/
js.stripe.com/v3/
278 KB
67 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
19ab110c894109b6a5d7bb07d292641fabfc92870641d0fc1adb6d91609f5ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
12
x-cache
HIT
content-length
67993
etag
"7d3b47382080fde1dd1780f1e0e2de9f"
x-request-id
92d23f22-6318-4812-9449-986b20447340
x-served-by
cache-hhn4083-HHN
access-control-allow-origin
*
last-modified
Thu, 17 Feb 2022 19:17:17 GMT
server
Fastly
date
Thu, 17 Feb 2022 23:26:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
styles-50f487c554d1aa267e29.css
pages.qwilr.com/Public/Assets/
767 KB
52 KB
Stylesheet
General
Full URL
https://pages.qwilr.com/Public/Assets/styles-50f487c554d1aa267e29.css
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b941c671363b278fd6e6a6b07b5a4152a870d300b02f25e8919037e6874cad32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:10:31 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 23:07:28 GMT
server
AmazonS3
age
970
etag
"7d6805ebf669ea9996d97571a0aa91e4"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
53148
x-amz-cf-id
TezVEjXmylpc1e1CYbzuWeuIdozS5saYbCiUkYBzwCkXcpqdD9bKHA==
conversion.js
www.googleadservices.com/pagead/
44 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e71e33970d5f6fdf27efb4a7bbd26817f8b39b2ce05fba80a74213b048445f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17268
x-xss-protection
0
server
cafe
etag
16356830118958000390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Feb 2022 23:26:40 GMT
E-v1.js
fast.wistia.net/assets/external/
592 KB
112 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd76b2a49faf7ebdba125487bebec28e89c77673470cef9bf7add376ca77c823
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:26:40 GMT
content-encoding
br
vary
Accept-Encoding
age
922
x-cache
HIT, HIT
content-length
114421
x-served-by
cache-iad-kcgs7200162-IAD, cache-hhn4074-HHN
access-control-allow-origin
*
x-browser-version
98
last-modified
Mon, 14 Feb 2022 19:30:13 GMT
x-timer
S1645140400.286071,VS0,VE0
etag
"620aadc5-1bef5"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 20
analytics.min.js
cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/
416 KB
71 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-41.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f160dcedd50edd251c1c1a60602dd406718d7768e1608ec9789897f96d80ec70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
HIg.QoCvpK0tOQPRhb0hJh3pUGoOPnb0
content-encoding
br
etag
W/"affc382ce45cd8ce2514d8b48c8b46b6"
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 08 Feb 2022 20:55:34 GMT
server
AmazonS3
date
Thu, 17 Feb 2022 23:26:41 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
ZWugzhUwG2bbwcGKckZeFfCq_CL8i81MLd6Ln5gRQ9Xt3KvNdyNGlA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/?random=1645140400630&cv=9&fst=1645140400630&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&tiba=Microsoft%20Office365&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9e2af64cda5029a39c2cbb3e8c5c553e4996a57aca032ce2dd4de60898a9dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 23:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1014
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v18/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v18/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,700,400italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.qwilr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 02:17:41 GMT
x-content-type-options
nosniff
age
76139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33620
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:19:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Feb 2023 02:17:41 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300,400,700,400italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.qwilr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 03:57:28 GMT
x-content-type-options
nosniff
age
242952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 03:57:28 GMT
m-outer-21b66fa0c573e809345fe202113a4338.html
js.stripe.com/v3/ Frame BB89
240 B
527 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/

Response headers

last-modified
Tue, 15 Feb 2022 21:02:56 GMT
etag
"21b66fa0c573e809345fe202113a4338"
content-type
text/html; charset=utf-8
cache-control
max-age=31536000
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Thu, 17 Feb 2022 23:26:40 GMT
via
1.1 varnish
age
33
x-request-id
623517ed-05b0-4bca-9c65-871df38bd326
x-served-by
cache-hhn4083-HHN
x-cache
HIT
x-cache-hits
22
vary
Accept-Encoding
timing-allow-origin
*
content-length
140
csp-report
q.stripe.com/ Frame BB89
0
356 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
events
analytics.hx-qwilr.com/ Frame
0
0
Preflight
General
Full URL
https://analytics.hx-qwilr.com/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://pages.qwilr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Thu, 17 Feb 2022 23:26:41 GMT
x-amzn-requestid
7d2adf98-8230-498a-9a06-75551e455b08
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
NtbzxHarSwMFiAA=
access-control-allow-methods
GET,OPTIONS,POST,PUT
x-cache
Miss from cloudfront
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
FyAliBCJf4-iqGpbgyfwwaTBWpC76ieK66bU0dwyVK92H0djQimJtw==
boomerang-1.0.0.min.js
pages.qwilr.com/Assets/scripts/
144 KB
42 KB
XHR
General
Full URL
https://pages.qwilr.com/Assets/scripts/boomerang-1.0.0.min.js?_=1645140400670
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:6:a3a2:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / cloud66
Resource Hash
97a53d662bfb1069fa5fc27b400a2ea4d78c5e81dc411a6f90e955de8808b0c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 04:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
69816
x-powered-by
cloud66
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 01:21:15 GMT
server
nginx
etag
W/"240eb-17f0544e2f8"
expect-ct
max-age=0
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Q7V46zY4ftLSSmA1t6vx01Gjv2mZWdrPdPggdC6hLdZCzVjhq4yT8w==
events
analytics.hx-qwilr.com/
240 B
608 B
XHR
General
Full URL
https://analytics.hx-qwilr.com/events
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
a47c7270e6a67bdb7b2e745e3f6191c1a7585ae81f030cf6777a860e011bcc7f

Request headers

Accept
application/json, text/plain, */*
Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Feb 2022 23:26:42 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
56488547-cdb5-4907-9fd8-173743725c74
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-620ed9b2-3f7a0d6b7922c8964b624443;Sampled=0
x-amz-apigw-id
Ntbz8Ed1SwMFi1g=
content-length
240
x-amz-cf-id
c_o-G9pYlHml5e5YQVq5hAqCnJLiLP6p-r80il0frgm8iNHCkGQHmA==
XvtW0N3HSnuq
api.qwilr.com/web-api/AomO0SeORUCb/expire-identify/
0
337 B
XHR
General
Full URL
https://api.qwilr.com/web-api/AomO0SeORUCb/expire-identify/XvtW0N3HSnuq
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.171.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-171-246.ap-southeast-2.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
cloud66
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
access-control-allow-origin
https://pages.qwilr.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
x-dns-prefetch-control
off
vary
X-HTTP-Method-Override, Origin
content-length
0
x-xss-protection
0
m-outer-5c4150bc004c99291dfd234a82c582e0.js
js.stripe.com/v3/fingerprinted/js/ Frame BB89
1 KB
773 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
40
x-cache
HIT
content-length
645
etag
"d0c7e21ec457b6a134a496f107c3ca93"
x-request-id
9627b5d3-a59f-4c40-b512-f3147ae0d3eb
x-served-by
cache-hhn4083-HHN
access-control-allow-origin
*
last-modified
Tue, 15 Feb 2022 21:03:02 GMT
server
Fastly
date
Thu, 17 Feb 2022 23:26:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
58
/
www.google.com/pagead/1p-user-list/957165257/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/957165257/?random=1645140400630&cv=9&fst=1645138800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&tiba=Microsoft%20Office365&fmt=3&is_vtc=1&random=2161334059&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 23:26:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/957165257/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/957165257/?random=1645140400630&cv=9&fst=1645138800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&tiba=Microsoft%20Office365&fmt=3&is_vtc=1&random=2161334059&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 23:26:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inner.html
m.stripe.network/ Frame 3942
932 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-36.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Fri, 28 Jan 2022 20:07:53 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
date
Thu, 17 Feb 2022 23:23:26 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
f25VdTImfLJicRMWJeNLJWJ8_cywlZtzUi_nUNoh8EjxC9bS5h76uw==
age
209
hotjar-218686.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-218686.js?sv=6
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
/
Resource Hash
fb1aa14304ccf88625d8d69e8eb41742bd884e6ba8f4389240d72257ee61d712
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:26:40 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/63e40b440f3e3c7fccc4ec1892ea2eab
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1971
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-id
ZBArB76wc4o3CCi3xrQcVU_CSUp_f_xWLO4bduGKww3PwytdG9WRwQ==
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Feb 2022 23:26:40 GMT
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/
54 KB
18 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
aZB1RIRJqET7nosqRtOBVideRuh0jIV6
content-encoding
gzip
etag
"b568e7b3c9d94da6a1d4845b18400f7a"
age
1981046
x-cache
Hit from cloudfront
content-length
17889
access-control-allow-origin
*
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
server
AmazonS3
date
Wed, 26 Jan 2022 01:09:15 GMT
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
-MfXwouOifXpKgPajRoPu1gFEonFp8XgJlz_v2CnpT2Pr1fr_h1XWw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4909
date
Thu, 17 Feb 2022 22:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 18 Feb 2022 00:04:52 GMT
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
RysZB8oI1TYJp0XGFU2KsHqfeqO328L2BeJHvv1Dl+lAFypdNUgnev+T5rRN1n7MGXsHWoHTv4QedbQYVfdhLA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 17 Feb 2022 23:26:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
1006 B
792 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 23:26:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 18:48:07 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=69706
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
479
bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
scripts.kissmetrics.com/
26 KB
12 KB
Script
General
Full URL
https://scripts.kissmetrics.com/bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-67.fra50.r.cloudfront.net
Software
nginx/1.6.2 /
Resource Hash
bbd3877879c3c2d802ca1f5360c3b53eb6efcc2ddbb9e51224ab891ee45c643e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 23:46:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 13:15:30 GMT
Server
nginx/1.6.2
X-Amz-Cf-Pop
FRA50-C1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=utf-8
X-Amz-Cf-Id
NDlxGP8zb1gbKs-fJi60pCallZx3km0NauQeCBlgt2WeJiqbF8sNHA==
gtm.js
www.googletagmanager.com/
180 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MLQKJ7&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b84b8a2b477e66d8b6d2fd4e4e1a695d080cb026106ef04303eb976ac578389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66268
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 21:06:39 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Feb 2022 23:26:41 GMT
csp-report
q.stripe.com/ Frame 3942
0
131 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame 3942
85 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-36.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
217
x-cache
Hit from cloudfront
date
Thu, 17 Feb 2022 23:23:05 GMT
last-modified
Thu, 13 Jan 2022 18:40:13 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
xEDVli0p3d57botdNOqEYYL84EwO6iPBddL7cpk57rZHtv2jFzJq6Q==
insight.old.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 23:26:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 23:50:54 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=79630
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
1511546975772062
connect.facebook.net/signals/config/
307 KB
88 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1511546975772062?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50c7af40adb2b7c46678b2777f4f13d50349cd005b50e449de1f4acf10df6ee8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
FEFmoYU1CaqPtOUJLWaHpA5SYM6tt3XCG5Naktk7Nr5zZ1nV9u/giXdpxDFbapkrN/R4gQQF7iLPq0qGh9/GZw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 17 Feb 2022 23:26:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76193%26time%3D1645140400999%26url%3Dhttps%253A%252F%252Fpages.qwilr.com%252FMicr...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&liSync=true&e_ipv6=AQKsNfeXjdNU7QAAAX8KAl0JNskH-ApG...
0
496 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&liSync=true&e_ipv6=AQKsNfeXjdNU7QAAAX8KAl0JNskH-ApGF2fzlEblKbalMPirlROgWH8pTsLaONfNxGa_xZ5Q
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
HTTP/1.1
Server
108.174.10.24 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-24.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 23:26:41 GMT
Server
Play
LinkedIn-Action
1
Content-Type
application/javascript
X-LI-Proto
http/1.1
Connection
keep-alive
X-Li-Pop
prod-lva1-x
content-length
0
X-LI-UUID
AAXYPxlAQOcO6fcEsSOTjA==
X-Li-Fabric
prod-lva1

Redirect headers

date
Thu, 17 Feb 2022 23:26:41 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4C7FA9CF10BA4390A09E3468A18320AC Ref B: FRAEDGE1512 Ref C: 2022-02-17T23:26:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&time=1645140400999&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&liSync=true&e_ipv6=AQKsNfeXjdNU7QAAAX8KAl0JNskH-ApGF2fzlEblKbalMPirlROgWH8pTsLaONfNxGa_xZ5Q
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYPxk7P3s3VKdmRjDjxw==
6
m.stripe.com/ Frame 3942
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-243-235.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
82850dc33b7eadb70758b05e52c11d9e68c1b44084c4b68a8c7f741b9f237127
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
modules.7d6d0311dc6eb2c0bc38.js
script.hotjar.com/
235 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.7d6d0311dc6eb2c0bc38.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-218686.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-39.fra50.r.cloudfront.net
Software
/
Resource Hash
01dfdc130cd3e3b7ed01572613ea6552ab9819ca803c688076f850d06aa627a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 14:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
33275
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62769
access-control-allow-origin
*
last-modified
Thu, 17 Feb 2022 14:12:00 GMT
etag
"fb6a0182102480f4b418874ee97e7e39"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
boB_Qc_KrcJpjoMhLJecY9I63Dr3cCO-JHZGqp-9b9TuSTrgItk1pQ==
AomO0SeORUCb
api.qwilr.com/web-api/boomerang/ Frame
0
0
Preflight
General
Full URL
https://api.qwilr.com/web-api/boomerang/AomO0SeORUCb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.171.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-171-246.ap-southeast-2.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://pages.qwilr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
server
nginx
x-dns-prefetch-control
off
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
access-control-allow-origin
https://pages.qwilr.com
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
Accept,Content-Type,Origin,X-XSRF-TOKEN,X-Requested-With
x-powered-by
cloud66
AomO0SeORUCb
api.qwilr.com/web-api/boomerang/
2 B
377 B
XHR
General
Full URL
https://api.qwilr.com/web-api/boomerang/AomO0SeORUCb
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.171.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-171-246.ap-southeast-2.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
cloud66
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=0
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://pages.qwilr.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
x-dns-prefetch-control
off
vary
X-HTTP-Method-Override, Origin
content-length
2
x-xss-protection
0
e
trk.kissmetrics.io/
43 B
376 B
Ping
General
Full URL
https://trk.kissmetrics.io/e
Requested by
Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.181.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-181-251.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 17 Feb 2022 23:26:41 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 17 Feb 2022 23:26:40 GMT
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 4C45
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-218686.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vAdYEUPklnolcwNp9aDEjrdiGXyCsKDleX5Mxe3AbkTu_IEHlc98Hw==
age
1175675
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/?random=1645140401177&cv=9&fst=1645140401177&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&tiba=Microsoft%20Office365&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cea41351e83235cbe6b9290eba2e62c4ae5ecea0c401f4743c7825bb9a4ff7d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 23:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AomO0SeORUCb
api.qwilr.com/web-api/count-visit/ Frame
0
0
Preflight
General
Full URL
https://api.qwilr.com/web-api/count-visit/AomO0SeORUCb?visitToken=XvtW0N3HSnuq&userId=LJyH47Tstny2SdPJYni2BtJzjFY=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.171.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-171-246.ap-southeast-2.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://pages.qwilr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
server
nginx
x-dns-prefetch-control
off
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
access-control-allow-origin
https://pages.qwilr.com
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
Accept,Content-Type,Origin,X-XSRF-TOKEN,X-Requested-With
x-powered-by
cloud66
AomO0SeORUCb
api.qwilr.com/web-api/count-visit/
2 B
378 B
XHR
General
Full URL
https://api.qwilr.com/web-api/count-visit/AomO0SeORUCb?visitToken=XvtW0N3HSnuq&userId=LJyH47Tstny2SdPJYni2BtJzjFY=
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.171.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-171-246.ap-southeast-2.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 17 Feb 2022 23:26:42 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
cloud66
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=0
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://pages.qwilr.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
x-dns-prefetch-control
off
vary
X-HTTP-Method-Override, Origin
content-length
2
x-xss-protection
0
visit-data
in.hotjar.com/api/v2/client/sites/218686/
146 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/218686/visit-data?sv=6
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.93.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-93-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
www.google.com/pagead/1p-user-list/957165257/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/957165257/?random=1645140401177&cv=9&fst=1645138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&tiba=Microsoft%20Office365&async=1&fmt=3&is_vtc=1&random=3549912567&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 23:26:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/957165257/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/957165257/?random=1645140401177&cv=9&fst=1645138800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Fpages.qwilr.com%2FMicrosoft-Office365-AomO0SeORUCb&tiba=Microsoft%20Office365&async=1&fmt=3&is_vtc=1&random=3549912567&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Microsoft-Office365-AomO0SeORUCb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.qwilr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 23:26:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o11981.ingest.sentry.io/api/5792471/envelope/
41 B
285 B
Fetch
General
Full URL
https://o11981.ingest.sentry.io/api/5792471/envelope/?sentry_key=4c121e229b894612824f2a7f93acbad4&sentry_version=7
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5e52cd6ecb3b9b73a3fb881257a363c23ababd6d70e816a2bb1ae1f9bdee237d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Feb 2022 23:26:41 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://pages.qwilr.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
41
AomO0SeORUCb
api.qwilr.com/web-api/boomerang/ Frame
0
0
Preflight
General
Full URL
https://api.qwilr.com/web-api/boomerang/AomO0SeORUCb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.171.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-171-246.ap-southeast-2.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://pages.qwilr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 17 Feb 2022 23:26:42 GMT
server
nginx
x-dns-prefetch-control
off
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
0
access-control-allow-origin
https://pages.qwilr.com
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
Accept,Content-Type,Origin,X-XSRF-TOKEN,X-Requested-With
x-powered-by
cloud66
AomO0SeORUCb
api.qwilr.com/web-api/boomerang/
2 B
377 B
XHR
General
Full URL
https://api.qwilr.com/web-api/boomerang/AomO0SeORUCb
Requested by
Host: pages.qwilr.com
URL: https://pages.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-76a4c46d896025d18071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.171.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-171-246.ap-southeast-2.compute.amazonaws.com
Software
nginx / cloud66
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://pages.qwilr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Feb 2022 23:26:42 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
cloud66
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
expect-ct
max-age=0
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://pages.qwilr.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
x-dns-prefetch-control
off
vary
X-HTTP-Method-Override, Origin
content-length
2
x-xss-protection
0
events
analytics.hx-qwilr.com/
0
0

events
analytics.hx-qwilr.com/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.hx-qwilr.com
URL
https://analytics.hx-qwilr.com/events
Domain
analytics.hx-qwilr.com
URL
https://analytics.hx-qwilr.com/events

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone string| sentryUrl number| sessionStartTime object| qSessionTracking object| qAnalyticsConfig object| __webpackStripeJSv3Jsonp function| Stripe string| telemetryMetadata string| _sk object| analytics object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| loadingOverlay object| webpackJsonp function| setImmediate function| clearImmediate function| _ object| __SENTRY__ object| __core-js_shared__ object| core object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill object| angular number| __mobxInstanceCount object| __mobxGlobals object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| $templateCache function| BOOMR_check_doc_domain object| BOOMR object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq object| amplitude string| GoogleAnalyticsObject function| ga function| _fbq function| fbq object| _hjSelf function| hj object| _hjSettings string| _linkedin_data_partner_id object| _kmq object| dataLayer function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| google_trackConversion object| gaplugins object| gaGlobal object| gaData string| KM_KEY number| KM_INCLUDE_HOSTNAME number| KM_SKIP_PAGE_VIEW number| KM_HANDLE_PRERENDER object| KM function| KMQ undefined| KMCTT_SOURCE string| KMCTT_ORIGIN function| _kmil string| KM_COOKIE_DOMAIN object| google_tag_manager object| GooglebQhCsO

28 Cookies

Domain/Path Name / Value
.qwilr.com/ Name: amplitude_idundefinedqwilr.com
Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.qwilr.com/ Name: amplitude_id_e5e5d321dcee948b3a9b02c948ee0117qwilr.com
Value: eyJkZXZpY2VJZCI6ImU1ODAyZjFiLWE5N2UtNGE4Yy1hNGNmLWYzNmI0NDUyOTg0ZlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY0NTE0MDQwMDk5NywibGFzdEV2ZW50VGltZSI6MTY0NTE0MDQwMDk5NywiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.qwilr.com/ Name: _ga
Value: GA1.2.316452411.1645140401
.qwilr.com/ Name: _gid
Value: GA1.2.233143760.1645140401
.qwilr.com/ Name: kvcd
Value: 1645140401124
.qwilr.com/ Name: km_ai
Value: LJyH47Tstny2SdPJYni2BtJzjFY%3D
.qwilr.com/ Name: km_vs
Value: 1
.qwilr.com/ Name: km_lv
Value: 1645140401
.linkedin.com/ Name: UserMatchHistory
Value: AQIrB2uIRMnEDQAAAX8KAlvJhcEXJh_UCJ3_Ot6N3a6R1d8Ep92pU-ZIrOdhIHi9eqk2eolWN1ZxKQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKttiMjQKxJ3wAAAX8KAlvJdwfKtamftY2mK7vuExAf6UBIgN6pkRV4mT5IwBXdB0cpUyIy7oURh2TokDgI1g
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&965b6fc8-c5d4-4238-8f56-c5a31c1fce9b"
.qwilr.com/ Name: _gcl_au
Value: 1.1.818480237.1645140401
.qwilr.com/ Name: _hjSessionUser_218686
Value: eyJpZCI6IjJmNzVjZmU4LTAzMWYtNTQzYi1hNWUyLTY2MGQ2Y2JmNTE2MSIsImNyZWF0ZWQiOjE2NDUxNDA0MDExNDEsImV4aXN0aW5nIjpmYWxzZX0=
.qwilr.com/ Name: _hjFirstSeen
Value: 1
pages.qwilr.com/ Name: _hjIncludedInSessionSample
Value: 1
.qwilr.com/ Name: _hjSession_218686
Value: eyJpZCI6IjVjNmUyOWIwLWNlYjMtNGE0YS04MmNiLWVjY2M3OWVmY2FmOCIsImNyZWF0ZWQiOjE2NDUxNDA0MDEyMDMsImluU2FtcGxlIjp0cnVlfQ==
pages.qwilr.com/ Name: _hjIncludedInPageviewSample
Value: 1
.qwilr.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUmbYYK4xeiu8g9nNxLQxUYaExLDktczybJYXDbuHIBOGiHSItFyBID7XUx8
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202202172326413ee7c9e2-6246-4209-8dbc-aea3c8e71b8bAQH8oOSkciKcGbAg2_dEUaKvdR2fjmj2"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDUxNDA0MDE7MjswMjFjevLqfraf1ibjZV9dYcIRM7MHSyfFNIpBsNUbaaq7sw==
m.stripe.com/ Name: m
Value: 33c900b7-2bbd-4e3f-85a7-2b4a321d73d2aa49ca
.pages.qwilr.com/ Name: __stripe_mid
Value: fb1b6606-5447-47e7-8e65-950a7e43885c2c491f
.pages.qwilr.com/ Name: __stripe_sid
Value: 9f8b4aa1-28e1-4643-a5a0-d335fa2890d54e035d
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2221:u=1:x=1:i=1645140401:t=1645226801:v=2:sig=AQFOSvEGm9GlF5vzeJMQ9WfgAH67QEqn"
.qwilr.com/ Name: RT
Value: "z=1&dm=qwilr.com&si=9097a5de-fec6-450e-a73d-926cf2b37d06&ss=kzrm47p6&sl=1&tt=2h8&ld=2h9"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.hx-qwilr.com
api.qwilr.com
cdn.amplitude.com
cdn.segment.com
connect.facebook.net
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
js.stripe.com
m.stripe.com
m.stripe.network
o11981.ingest.sentry.io
pages.qwilr.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
script.hotjar.com
scripts.kissmetrics.com
snap.licdn.com
static.hotjar.com
trk.kissmetrics.io
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
analytics.hx-qwilr.com
108.174.10.24
13.239.171.246
142.250.184.194
143.204.101.3
143.204.103.41
143.204.94.67
143.204.98.102
143.204.98.36
143.204.98.39
143.204.98.5
143.204.98.76
151.101.0.176
2600:9000:2156:8000:6:a3a2:8fc0:93a1
2620:1ec:21::14
2a00:1450:4001:808::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:200::622
34.120.195.249
34.211.243.235
34.238.181.251
34.240.93.148
54.187.119.242
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
01dfdc130cd3e3b7ed01572613ea6552ab9819ca803c688076f850d06aa627a0
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
19ab110c894109b6a5d7bb07d292641fabfc92870641d0fc1adb6d91609f5ffd
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2b84b8a2b477e66d8b6d2fd4e4e1a695d080cb026106ef04303eb976ac578389
2e86d58a15353282021d1c2dc49e80877d8d42ecc4edb7577e660b8ba69165b6
3224f938e00f275d23791c6e04ef10f5bbe191e056a228f9dffa63b929474484
3e0bb78b11bc46b8c1d2c99408a7af7b14f98bf9da8049f2e35284711c05f104
4b38ba1cf45fb7bf23e756d7348fd77cb78679971551fa45a28382fee301cefb
4cb394ca6b49ccbaa37ee9a3dad5e762576f545e92eb84a79a5e9ec790019cfc
50c7af40adb2b7c46678b2777f4f13d50349cd005b50e449de1f4acf10df6ee8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e52cd6ecb3b9b73a3fb881257a363c23ababd6d70e816a2bb1ae1f9bdee237d
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
82850dc33b7eadb70758b05e52c11d9e68c1b44084c4b68a8c7f741b9f237127
97a53d662bfb1069fa5fc27b400a2ea4d78c5e81dc411a6f90e955de8808b0c1
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a47c7270e6a67bdb7b2e745e3f6191c1a7585ae81f030cf6777a860e011bcc7f
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
ad53a85581a58bae0ff940c128fc48efbf5ee755a943f269ae6c346b7d24c0ca
aedf0f43a20ad8b31a3a6af1a550930e87f77ba698970ec4efb664d320324a52
b941c671363b278fd6e6a6b07b5a4152a870d300b02f25e8919037e6874cad32
bbd3877879c3c2d802ca1f5360c3b53eb6efcc2ddbb9e51224ab891ee45c643e
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
bfb90333683887dad5c0b4587b512c895bd6a69ba11636449f03ec24664ef0f1
c2bd1fc8a1a311ce7464d14ca090d628ef3f42d5f9ae55cc96cfc27d1bb73401
cd76b2a49faf7ebdba125487bebec28e89c77673470cef9bf7add376ca77c823
cd8c7e0c683adc1426ae0a095ed20a68064d8c7028d6997ec95460165a403419
cea41351e83235cbe6b9290eba2e62c4ae5ecea0c401f4743c7825bb9a4ff7d9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2fcf40d25aac39f5bd162801aae17a10a37d8bd93fc9b27a8a2d513259c135f
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71e33970d5f6fdf27efb4a7bbd26817f8b39b2ce05fba80a74213b048445f3b
e9e2af64cda5029a39c2cbb3e8c5c553e4996a57aca032ce2dd4de60898a9dd7
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f160dcedd50edd251c1c1a60602dd406718d7768e1608ec9789897f96d80ec70
f63eb7afed77b9242192a2d1b496831d8a92eb84fe9ed955de49eccf937ac259
fb1aa14304ccf88625d8d69e8eb41742bd884e6ba8f4389240d72257ee61d712
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3